Last month, we looked at the CompTIA Network+ certification (the second most popular vendor-neutral certification offered by CompTIA) and some questions based on topics found in the first two domains of the recently updated exam (Networking Concepts and Infrastructure)
This month, we bring you a self-test of 25 questions based on the topics covered by the last three domains — Network Operations, Network Security, and Network Troubleshooting and Tools. Are you ready to tackle the new exam, N10-007 that debuts on March 1? Let’s find out!
The answers appear at the end of the questions. In all cases, pick the best answer(s) to each question. Good luck!
1. Which of the following is considered a vulnerability scanner?
2. Carlos has purchased the newest iPhone and wants to use it to access all company data that he normally would from his issued device. What are the procedures the mobile device must go through to get it ready to go on the network known as?
3. An administrator from a remote site calls to report that their one and only server has crashed. They make a full backup every Sunday and a differential backup every evening during the week. How many sets of backup media will you need to restore if the crash occurred on Friday morning?
4. You have been summoned to HR to respond to a junior administrator using a packet sniffer on the network without authorization. What harmful thing can this device do? (Choose the best answer)
a. capture keystrokes of logins and passwords on local machines
b. reroute DNS queries to a rogue server
c. identify open ports
d. capture data traveling between computers
5. You have been instructed by the new manager over IT to configure VNC for remote logins. Which of the following ports should you enable?
6. Which of the following is the process of combining multiple network cards for performance and fault tolerance reasons?
b. NIC teaming
7. You have assigned the role of increasing security throughout the company. One of the first things you want to implement is facial recognition software to strengthen authentication. What category of authentication does facial recognition qualify as?
8. Which of the following copies files between systems, but transport is not secured?
9. Which of the following statements is true?
a. TACACS+ and RADIUS use UDP
b. TACACS+ uses UDP
c. RADIUS uses TCP
d. RADIUS uses UDP
e. TACACS+ and RADIUS use TCP
10. (Fill in the blanks): CCMP uses ______ AES encryption with a _____ initialization vector.
a. 128-bit; 48-bit
b. 256-bit; 64-bit
c. 256-bit; 48-bit
d. 128-bit; 64-bit
11. In what type of Denial of Service (DoS) attack are spoofed UDP packets are sent to a network’s broadcast address?
c. Ping of Death
d. Evil twin
12. To keep production systems secure, firmware should be:
b. kept current after testing on lab machines
c. updated before lab machines
d. frozen at time of installation
13. What is the first step in CompTIA’s troubleshooting framework?
a. Implement the solution or escalate as necessary
b. Establish a plan of action to resolve the problem and identify potential effects
c. Establish a theory of probable cause
d. Identify the problem
14. Which of the following tools are used to attach twisted-pair network cable to connectors within a patch panel?
b. butt set
d. toner probe
15. Tony is trying to troubleshoot a client machine that keeps failing to get a lease for an IP address. Which server is it having difficulty communicating with?
Please visit GoCertify to attempt the remaining 10 questions of this quiz.
1. D — nmap is a vulnerability scanner. Netstat is used to see network statistics, OVAL is a language, and Blackhole is a fictitious entity. (Domain 5.0 Network Troubleshooting and Tools / Subojective 5.2 Given a scenario, use the appropriate tool)
2. D — Onboarding a mobile device is the procedures gone through to get it ready to go on the network (scanning for viruses, adding certain apps, and so forth. (Domain 3.0 Network Operations / Subojective 3.5 Identify polices and best practices)
3. B — You will need to use the full backup from Sunday and the differential backup from Thursday to restore the data: a total of two sets. (Domain 3.0 Network Operations / Subobjective 3.2 Compare and contrast business continuity and disaster recovery concepts)
4. D — A packet sniffer can be used on the network to capture data traveling between computers. (Domain 3.0 Network Operations / Subobjective 3.3 Explain common scanning, monitoring and patching processes and summarize their expected outputs)
5. B — Virtual Network Computing (VNC) enables remote login, in which clients can access their own desktops while being physically away from their computers. By default, it uses port 5900 and it is not considered overly secure. RDP uses port 3389. Telnet uses port 23, while SSH uses port 22. (Domain: 3.0 Network Operations / Subobjective 3.4 Given a scenario, use remote access methods)
6. B — NIC teaming is the process of combining multiple network cards for performance and redundancy (fault tolerance) reasons. This can also be called bonding, balancing, or aggregation. (Domain 3.0 Network Operations / Subobjective 3.2 Compare and contrast business continuity and disaster recovery concepts)
7. D — Biometric systems work by using some unique characteristic of a person’s identity—such as a fingerprint, a palm print, or a retina scan—to validate that person’s identity. (Domain 4.0 Network Security / Subobjective 4.1 Summarize the purposes of physical security devices)
8. C — RCP (Remote Copy Protocol) copies files between systems, but transport is not secured. (Domain 4.0 Network Security / Subobjective 4.1 Summarize the purposes of physical security devices)
9. D — One notable difference between TACACS+ and RADIUS is that TACACS+ relies on the connection-oriented TCP, whereas RADIUS uses the connectionless UDP. (Domain 4.0 Network Security / Subobjective 4.2 Explain authentication and access controls)
10. A — CCMP uses 128-bit AES encryption with a 48-bit initialization vector. With the larger initialization vector, it increases the difficulty in cracking and minimizes the risk of a replay attack. (Domain 4.0 Network Security / Subobjective 4.3 Given a scenario, secure a basic wireless network)
11. B — In a Fraggle attack, spoofed UDP packets are sent to a network’s broadcast address. These packets are directed to specific ports and, after they are connected, can flood the system. (Domain 4.0 Network Security / Subobjective 4.4 Summarize common networking attacks)
12. B — There is a reason why each firmware update is written. Sometimes, it is to optimize the device or make it more compatible with other devices. Other times, it is to fix security issues and/or head off identified problems. Keep firmware on your production machines current after first testing the upgrades on lab machines and verifying that you’re not introducing any unwanted problems by installing (Domain 4.0 Network Security / Subobjective 4.5 Given a scenario, implement network device hardening)
13. D — There are seven steps in CompTIA’s troubleshooting framework and the first is to identify the problem. (Domain 5.0 Network Troubleshooting and Tools / Subobjective 5.1 Explain the network troubleshooting methodology)
14. C — Punchdown tools are used to attach twisted-pair network cable to connectors within a patch panel. Specifically, they connect twisted-pair wires to the insulation displacement connector (IDC). (Domain 5.0 Network Troubleshooting and Tools / Subobjective 5.2 Given a scenario, use the appropriate tool)
15. D — The IP lease information is issued by the DHCP server. An inability to communicate with it will usually result in the client configuring itself with an address in the 169.254.0.0 APIPA range. (Domain 5.0 Network Troubleshooting and Tools / Subobjective 5.5 Given a scenario, troubleshoot common network service issues)